DIGITAL SIGNATURES

MEANING OF DIGITAL SIGNATURES

A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. These are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature.

A valid digital signature gives a recipient reason to believe that the message was created by a known sender such that they cannot deny sending it and that the message was not altered in transit commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

WHY DIGITAL SIGNATURES

For messages sent through a non-secure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret.

PUBLIC-KEY CRYPTOGRAPHY

A digital signature scheme typically consists of three algorithms: key generation algorithm signing algorithm signature verifying algorithm

key generation algoritm:selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key. signing algorithm :given a message and a private key, produces a signature. signature verifying algorithm :given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.

USES OF DIGITAL SIGNATURES

Below are some common reasons for applying a digital signature to communications:Authentication Integrity Non-repudiation

AUTHENTICATION

messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user.

INTEGRITY

the message has not been altered during transmission. if a message is digitally signed, any change in the message after signature will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally unfeasible by most cryptographic hash functions

NON-REPUDIATION

Non-repudiation, or more specifically nonrepudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information cannot at a later time deny having signed it.

DIGITAL SIGNATURES VS. INK ON PAPER SIGNATURES

Digital signatures cryptographically bind an electronic identity to an electronic document and the digital signature cannot be copied to another document. Paper contracts sometimes have the ink signature block on the last page, and the previous pages may be replaced after a signature is applied. Digital signatures can be applied to an entire document, such that the digital signature on the last page will indicate tampering if any data on any of the pages have been altered, but this can also be achieved by signing with ink all pages of the contract. Additionally, most digital certificates provided by certificate authorities to end users to sign documents can be obtained by at most gaining access to a victim's email inbox. Important paper documents are signed in ink with all involved parties meeting in person, with additional identification forms other than the actual presence (like driver's license, passports, fingerprints, etc.), and most usually with the presence of a respected notary that knows the involved parties, the signing often happens in a building which has security cameras and other forms of identification and physical security. The security that is added by these type of ink on paper signatures cannot be currently matched by digital only signatures.

CONCLUSION
As organizations move away from paper documents with ink signatures or authenticity stamps, digital signatures can provide added assurances of the evidence to provenance, identity, and status of an electronic document as well as acknowledging informed consent and approval by a signatory.